Linear Cryptanalysis -- On Multiple Linear Approximations -- Feistel Schemes and Bi-linear Cryptanalysis -- Group Signatures -- Short Group Signatures -- Signature Schemes and Anonymous Credentials from Bilinear Maps -- Foundations -- Complete Classification of Bilinear Hard-Core Functions -- Finding Collisions on a Public Road, or Do Secure Hash Functions Need Secret Coins? -- Security of Random Feistel Schemes with 5 or More Rounds -- Efficient Representations -- Signed Binary Representations Revisited -- Compressed Pairings -- Asymptotically Optimal Communication for Torus-Based Cryptography -- How to Compress Rabin Ciphertexts and Signatures (and More) -- Public Key Cryptanalysis -- On the Bounded Sum-of-Digits Discrete Logarithm Problem in Finite Fields -- Computing the RSA Secret Key Is Deterministic Polynomial Time Equivalent to Factoring -- Zero-Knowledge -- Multi-trapdoor Commitments and Their Applications to Proofs of Knowledge Secure Under Concurrent Man-in-the-Middle Attacks -- Constant-Round Resettable Zero Knowledge with Concurrent Soundness in the Bare Public-Key Model -- Zero-Knowledge Proofs and String Commitments Withstanding Quantum Attacks -- The Knowledge-of-Exponent Assumptions and 3-Round Zero-Knowledge Protocols -- Hash Collisions -- Near-Collisions of SHA-0 -- Multicollisions in Iterated Hash Functions. Application to Cascaded Constructions -- Secure Computation -- Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography -- Round-Optimal Secure Two-Party Computation -- Invited Talk -- Security, Liberty, and Electronic Communications -- Stream Cipher Cryptanalysis -- An Improved Correlation Attack Against Irregular Clocked and Filtered Keystream Generators -- Rewriting Variables: The Complexity of Fast Algebraic Attacks on Stream Ciphers -- Faster Correlation Attack on Bluetooth Keystream Generator E0 -- Public Key Encryption -- A New Paradigm of Hybrid Encryption Scheme -- Secure Identity Based Encryption Without Random Oracles -- Bounded Storage Model -- Non-interactive Timestamping in the Bounded Storage Model -- Key Management -- IPAKE: Isomorphisms for Password-Based Authenticated Key Exchange -- Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes -- Efficient Tree-Based Revocation in Groups of Low-State Devices -- Computationally Unbounded Adversaries -- Privacy-Preserving Datamining on Vertically Partitioned Databases -- Optimal Perfectly Secure Message Transmission -- Pseudo-signatures, Broadcast, and Multi-party Computation from Correlated Randomness.

Crypto 2004, the 24th Annual Crypto Conference, was sponsored by the Int- national Association for Cryptologic Research (IACR) in cooperation with the IEEE Computer Society Technical Committee on Security and Privacy and the Computer Science Department of the University of California at Santa Barbara. The program committee accepted 33 papers for presentation at the conf- ence. These were selected from a total of 211 submissions. Each paper received at least three independent reviews. The selection process included a Web-based discussion phase, and a one-day program committee meeting at New York U- versity. These proceedings include updated versions of the 33 accepted papers. The authors had a few weeks to revise them, aided by comments from the reviewers. However, the revisions were not subjected to any editorial review. Theconferenceprogramincludedtwoinvitedlectures.VictorShoup’sinvited talk was a survey on chosen ciphertext security in public-key encryption. Susan Landau’s invited talk was entitled “Security, Liberty, and Electronic Commu- cations”. Her extended abstract is included in these proceedings. We continued the tradition of a Rump Session, chaired by Stuart Haber. Those presentations (always short, often serious) are not included here.